Title: CYBERCRIME
1CYBERCRIME NETWORK SECURITY
- Steve Wheeler
- Faculty of Education
2INFORMATION SYSTEMS SECURITY
- A discipline that protects the
- Confidentiality,
- Integrity and
- Availability
- of information and information services
- aka Network Security, Computer Security,
Information Assurance, Cyber Warfare
3Cyber Warfare
Sides have been taken By June 2006, 180,292
unique computer viruses had been identified.
There are approximately 150-250 new viruses
identified every month
Source Cybercrime by Steven Furnell (2002) p
154 Source (2006) www.sophos.com
4ThreatsIllicit Activities
Hackers enjoy intellectual challenges of
overcoming software limitations and how to
increase capabilities of systems Crackers
illegally break into other peoples secure
systems and networks Cyber Terrorists threaten
and attack other peoples computers to further a
social or political agenda
5Motivation for Hackers
- The challenge... because its there!
- Ego
- Espionage
- Ideology
- Mischief
- Money (extortion or theft)
- Revenge
From Cybercrime by Steven Furnell (2002) p 55
621 January 2003 Two years jail for UK virus
writer who infected 27,000 PCs Simon Vallor,
the twenty-two year old web designer from North
Wales who, in December 2002, pleaded guilty to
writing and distributing three computer viruses,
was today sentenced at Southwark Crown Court,
London to a two year custodial sentence. His
viruses - Gokar, Redesi and Admirer were proven
to have infected 27,000 PCs in 42 countries.
"Vallor's actions were comparable to those of a
vandal gaining illegal entry to businesses across
the world and then interfering with thousands of
their PCs. His sentence reflects the severity of
his crime and it's reassuring to computer users
that the UK courts are treating cybercriminals on
a par with more traditional offenders," said
Graham Cluley, senior technology consultant,
Sophos Anti-Virus. "Around 800 new viruses are
cropping up each month - this level of activity
requires a lot of virus writers. Perhaps Vallor's
sentence will focus some minds and make virus
writers think twice before unleashing their
malicious code."
Source www.sophos.com
7ThreatsIllicit Activities
Malware Writers responsible for the creation of
malicious software Samurai hackers hired to
legally enter secure computer/network
environments Phreakers Focus on defeating
telephone systems and associated communication
technologies
8ThreatsIllicit Activities
Phishing sending out scam e-mails with the
criminal intent of deceit and extortion Spam
unsolicited and/or undesired bulk e-mail
messages, often selling a product (See also
SPIM targeting of instant messaging
services) Zombie Computers Yours?
9Real Time Analysis
Spam
10Zombie BotNets
Botnet is a jargon term for a collection of
software robots, or bots, which run
autonomously. This can also refer to the network
of computers using distributed computing
software. While the term "botnet" can be used to
refer to any group of bots, the word is generally
used to refer to a collection of compromised
machines (zombies) running programs, usually
referred to as worms, Trojan horses, or
backdoors, under a common command and control
infrastructure. A botnet's originator (aka "bot
herder") can control the group remotely, and
usually for nefarious purposes such as the
sending of mass spam.
Source www.wikipedia.org
11Phishing
- Phishing is a technique used by strangers to
"fish" for information about you, information
that you would not normally disclose to a
stranger, such as your bank account number, PIN,
and other personal identifiers such as your
National Insurance number. These messages often
contain company/bank logos that look legitimate
and use flowery or legalistic language about
improving security by confirming your identity
details.
12Phishing example
13Exercise 1
- What do you think are the characteristics of
Hackers?
14Hacker Characteristics
- Predominantly male
- Aged from mid-teens to mid-twenties
- Lacking in social skills
- Fascination or obsession with computers
- Underachiever in other areas who sees computing
as a means of being important or powerful
Source Cybercrime by Steven Furnell (2002) p 47
15Threats MALWARE
- Malware is Malicious Software - deliberately
created and specifically designed to damage,
disrupt or destroy network services, computer
data and software. - There are several types...
16Malware Types
- Viruses
- Conceal themselves
- Infect computer systems
- Replicate themselves
- Deliver a payload
17Malware Types
- Worms
- Programs that are capable of independently
propagating throughout a computer network. - They replicate fast and consume large amounts of
the host computers memory.
18Malware Types
- Trojan Horses
- Programs that contain hidden functionality that
can harm the host computer and the data it
contains. - THs are not automatic replicators - computer
users inadvertently set them off.
19Malware Types
- Software Bombs
- Time Bombs - triggered by a specific time/date
- Logic Bombs - triggered by a specific event
- Both are introduced some time before and will
damage the host system
20Exercise 2
- What do you think motivates Malware writers to
create and unleash these attacks?
21Malware Writer Motivations
- To see how far the virus can spread
- To cause damage and destruction to a targeted
individual or organisation - To achieve a feeling of superiority/power
- To leverage some form of personal gain
- To provide a lesson in Internet security
- To conduct an experiment
Source Cybercrime by Steven Furnell (2002) p 150
22ThreatsDEFACING WEBSITES
- Hackers can leave their graffiti on other
peoples websites. Many sites have fallen foul
of this activity - FBI and CIA
- NASA
- British Labour and Conservative Parties
- New York Times
23ThreatsDEFACING WEBSITES
Spice Girls Website Hacked and Defaced 1999
24ThreatsDEFACING WEBSITES
Conservative Party Website Hacked and Defaced 1997
25ThreatsDOMAIN HACKING
Aljazeera TV Website Hacked and Defaced 2003
26(No Transcript)
27A final word
- Treat your password like you treat your
toothbrush. Never give it to anyone else to use,
and change it every few months.